EDUCATION POINT

• Keywords

You may already know that pages containing the word you searched for are more likely to end up at the top. But the location of those words, like, in the page’s title, or in an image’s caption. These are factors too.

There’s a lot more to ranking than to adjust words. Back when Google started, they looked at how pages linked to each other to better understand what pages were about and how important and trustworthy they seemed. Today also linking is still one of the most important factor.

• Searcher's Location

One the most important factor is the Searcher's Location i.e. from where a search happens. This is because if you are in Ormea which is in Italy, then you must be looking for information about their annual lasagna festival, but if you’re in Omaha, which is in Nebrasaka,  then you probably aren't looking for that.

• When a Web Page was Uploaded 

The time when the page  uploaded. It is also an important factor because pages published more recently often have more accurate information, especially in the case of rapidly developing news story.

You must have heard that every thing in this world which is connected to the internet can be hacked. It is possible also. We human also directly or indirectly are connected to it. In today’s world data has become something which is very crucial.

You are no more private in this era but you are totally public. Yes, you are public. Any one who can access your phone could get all the information about you i.e. your likes, dislikes, your interests, places you visited, etc. Every single information can be accessed using that device.

Do you know that, Google has full access to your mobile phone. You must have seen that if you visit amazon and searched for something say Shoes. You must have noticed that any blog or website which you visit later will be showing the same amazon product and if you haven’t noticed just check it once.

In the reference of information security, Social Engineering can be described as a term in which some one controls up a human brain through psychological manipulation in order to get confidential information. If we state this in simple term then it will be, “The art of Human Hacking is called Social Engineering”.

Social Engineering happens in number of steps. The Hacker first investigates about the victim. He then collects information about him, such as strong entry points, protocols with weak security which is needed to proceed with the attack. After that the hacker try to gain trust from the victim. And gradually he uses some techniques to gain sensitive information or to get access to secure sources.

Social Engineering is very dangerous. Basically the reason is that, it depends on human mistake rather than vulnerability in computer system or software’s. Hacker are stalkers. They just keep an eye at you and wait for that perfect moment where you will make a small mistake. As soon as he finds it he executes his job. In this way it becomes very difficult to find what mistake has been actually made.

If someone provides a service through the web, it's called Cloud Computing. This service are often anything like Off Site Storage or computing resources. Or simply, Cloud Computing is such a method of computing which is massively scalable and versatile and which can provide service to IT-related capabilities with the assistance of Internet Technologies. Facilities like infrastructure, platform, application and space for storing are available in these services. In this, the users use the services consistent with their need and pay the cash for the services they use. For this, they don’t need to build their own infrastructure.

Nowadays there's lots of competition within the world and during this way people need service on the web in the least times, without any delay. If an application ever freezes, then there's a dissatisfaction among the users. People need the service 24/7. To satisfy this requirement, we cannot emphasize on old mainframe computing, so people started using Cloud Distributed Computing Technology to solve this problem. Due to which big businesses started doing all their work very easily.

For example, Facebook, which has 757 million active users and which sees about 2 million photos daily, around 3 billion photos are uploaded monthly , 1 million websites uses Facebook to perform 50 million operations per second. In such a situation the normal computer system cannot solve these problems, rather we'd like something advanced technology which will do that job. So to perform such computing, Cloud Distributed Computing is used at this point of time.

Examples of Cloud Computing

• YouTube is a great example of cloud storage that hosts video files of many users.

• Picasa and Flickr which hosts digital photographs of crores of users on their server.

• Google Docs which is another great example of cloud computing that permits users to upload their presentations, word documents and spreadsheets to their data servers. Apart from this, there's also a choice for users to edit and publish those documents.

For Full Article 👇

Here are some things that you need to know about Azure. It was launched in February 1st 2010 which is significantly later then when AWS was launched. It's free to start and has a pay per use model which means like I said before you need to pay for the services you use through Azure. 80% of Fortune 500 companies use Azure services. It is one of the most important selling points for Azure. It simply means that most of the bigger companies of the world actually recommend using Azure. 

Since Azure supports to wide variety of programming languages like C#, Node.js, Java and so much more. Another important selling point of Azure is the amount of data centers it has across the world. It's important for a cloud service provider to have many data centers around the world because it means that they can provide their services to a wider audience. At present Azure is available in 60+ regions which is more than any cloud service provider has at the moment. 

Kali Linux is a tool from Linux distribution and it is derived from Debian. It is mainly designed for Penetration Test and digital forensics. It is funded and maintained by Offensive Security.

Kali Linux has more than 600 inbuilt programs for Penetration Test. It includes Armitage ( Armitage is a Graphic Cyber Attack Management Tool), John the Ripper ( It is a Password Cracker Tool ), Nmap ( Port Scanner Tool ), Aircrack-ng ( It is a software to perform Penetration Test on Wireless LANs ), Burp Suite and web application security such as Burp Suite and OWASP ZAP.

It was developed by Offensive Security. It was created by Mati Aharoni and Devon Kearns by rewriting BackTrack. BackTrack was the previous tool which was used for security testing and it was based on Knoppix. Initially Kali Linux was designed for only kernel auditing from it was named as Kernel Auditing Linux.

Kali Linux is based on Debian Testing Branch. Mostly the packages of Kali Linux which are put to use is imported from Debian repositories.

Kali Linux grew popular when it was featured in multiple episodes of a T.V. Series called Mr. Robot. The tools of Kali Linux which were highlighted in the show were Bluesniff, Bluetooth Scanner, btscanner, John the Ripper, Metasploit Framework, shellshock, Wget and Nmap.

What are the Requirements for Kali Linux ?

• Minimum of 3GB Hard-Disk space is needed for installation of Kali Linux

• Minimum 256MB of RAM for i386 and AMD64 architecture

• A Bootable CD or DvD or a USB

What is Mostly Recommend :-

• You need 20GB of free space on your Hard-Disk, SSD is preferred over Hard-Disk

Penetration Test is a process performed by ethical hacker to find out any weakness in a system. It is done so that the vulnerabilities can be fixed and it will prevent from attacks made by any outsiders.

For full article visit

In simple language it is a process performed by Ethical Hacker to find out flaws in a System. The main thing in this process is to find out the weakness or such loop holes which a attacker can use to harm the system. It is not only performed on a System rather it is also used to find out weakness on any kind of network or web application and lot more.

Many people thinks that Penetration testing is a difficult task and yes it is because you have to very much creative in this task. It also requires knowledge about Programming Languages. Many companies hire such experts to find out whether there are any flaws in their system or not. The Hackers perform penetration test and creates a report along with it he also provides how the security can be enhanced. These are all done with permission. So let us now know about Penetration Testing from depth.

Table of Contents :

• What is Penetration Test ?

• History of Penetration Test

• What are the Tools For Penetration Test ?

• What are the Processes or Phases in Penetration Test ?

• What are Vulnerabilities ?

• What is Payload ?

• Conclusion

What is Penetration Test ?

A Penetration test also known as Pen Test, White Hat Hacking or Ethical Hacking is a process in which a hacker gains an authorized access to a System under certain limitations. It is done to check the security of the system. This is done to identify vulnerabilities of a system or network so that it can be protected from unauthorized parties to get access to system and its data. At the same time it is also performed to strengthen security so that there is no risk of potential threat.

In this process the hacker identifies the system and set’s up a goal. He then reviews all the available information and perform various tasks to attain that goal just like a Black Hat Hacker would do. The target where the Penetration test is to be performed can be either Black Box which means it will only provide a basic or no information except the company name or White Box which means it will provide information about system and few other background information. There is also one more type of target known as Gray Box Target in which hackers get limited information. A Penetration test determines that whether a System is Vulnerable to attack or not under those sufficient defense’s. It also ensures whether any of the security could be broken down or not.

History of Penetration Test

Sir Deborah Russell and Sir G. T. Gangemi were the two Scholars who first stated that the year 1960 was the beginning era of Computer Security because of increasing popularity of time-sharing. Time-Sharing means that we can share multiple resource among users at the same time by certain means i.e. multitasking and multiprogramming.

In June 1965 several Security Experts of from different countries held a press conference on System Security which was hosted by a Government Contractor, System Development Corporation. During the meeting someone noticed that an employee of SDC was easily able to weaken the different system which connected to a time-sharing system. In that confernce participants requested to use the Penetration Test as a tool to study Computer System weakness.

In 1967 one more conference among the Security Expert took place to discuss about the System Security. Will Ware, Harold Petersen, Rein Tern of RAND Corporation and Bernard Peters of National Security Agency founded the term “Penetration” to define an attack on a system. Will Ware in a paper stated a warning that such practice’s to gain unauthorized access to a system should be stopped.

In 1970 a group of team known as “Tiger Teams” were organized by Government to perform Penetration Test. The team comprised of Crackers. They broke down in system by breaking its security to detect loop holes.

What are the Tools For Penetration Test ?

There are many varieties of software available for Penetration Test which includes free software’s and commercial software’s.

1.) Specially Designed OS Distributions

There are several OS distributions available for Penetration Test Such software’s mainly contains tools which are pre-installed in it or pre-configured. So the Pen Tester’s don’t have to look down for different types of tools as it will increase complications and cause various errors like configuration errors, compile errors or dependency issues.

Examples of OS designed for Penetration Test :-

• BackBox which is Based on Ubuntu

• BlackArch which is Based on Arch Linux

• Kali Linux (replaced by BackTrack) which is Based on Debian

• Parrot Security OS which is Based on Debian

• Pentoo which is Based on Gentoo

• WHAX which is Based on Slackware

There are lot more distributions which is used as a tool for Penetration Test.

There are certain distributions of Linux OS which can be deployed on the target system for practise. Such Systems helps security experts to try latest technology tools for testing. For Example, Metasploitable, OWASP Web Testing Environment and Damn Vulnerable Linux.

2.) Certain Software Frameworks

• Metasploit Project

• BackBox

• Nmap

• Burp Suite

• Hping

What are the Processes or Phases in Penetration Test ?

Penetration Test Process mainly comprises of 5 main phases. They are as follows :-

Reconnaissance: This is the first phase. In this phase the hacker collects all the available information about the target system. These information will help to easily attack the target system. E.g. Search Engine is a open source platform which can be uses to gather data which is used in Social Engineering attacks.

Scanning: This is the second phase of Penetration Test. In this the hacker collects more information about the target system. You might be wondering that it is same as step 1. But it’s not like that, in this the hacker scans for open ports or any such vulnerabilities which will help easily to attack the target system. E.g. Nmap is used to scan for open ports.

Gaining Access: This is the third phase of Penetration Test. In this step the hacker uses the information gathered in Reconnaissance and Scanning to exploit the targeted system by using payload. E.g. Metasploit can be used to operate attacks on known vulnerabilities.

Maintaining Access: This is the fourth step of the phase. In this the hacker tries to maintain access for a longer period of time by taking necessary steps, so that he can capture more and more data from the targeted system.

Covering Tracks: This is the last phase of the test. So what criminals generally do after committing a crime ? They generally hide everything to remain anonymous. Similarly in this step the hacker clears all the traces from the targeted system, log events, any type of data which got stored in order to remain anonymous

So now the hacker has exploited the vulnerabilities of one system and now they will try to gain access to other system through it and the process repeats. Now they will look for new vulnerabilities and will try to exploit them. This process is also referred to as Pivoting.

For full article visit

What is Metasploit ? A complete guide for beginners on Metasploit software. What is it ? Why hackers use it. Everything in detail.